Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
June 5, 2026
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch
Cybersecurity
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch available.
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders for espionage.
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API keys and self-propagate.
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
AppEsteem found a Monero cryptominer bundled inside Hola Browser's Windows installer, hidden as a Windows service and excluded from Windows Defender scanning.
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Russia's Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Play ransomware posted four US victims in a single day: a food processing manufacturer, a law firm, a religious organization, and a manufacturing company.
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Akira ransomware posted National Standard Parts Associates and Northern Ohio Regional MLS, threatening 53 GB of employee records, contracts, and financial data.
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
Qilin ransomware posted Avcon Jet, SKUPINA Don Don, and Trican in a three-country sweep targeting private aviation, food retail, and Canadian oilfield services.
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
TheGentlemen ransomware struck Saudi Arabia, India, Thailand, and Portugal in one day, including a first GCC target, as the group exceeds 330 victims in 2026.
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
WorldLeaks claimed CH Karnchang, Thailand's major infrastructure builder, and United Auto Supply in a pure data extortion operation with no file encryption.
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
June 5, 2026
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
June 5, 2026
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
June 5, 2026
AppEsteem found a Monero cryptominer bundled inside Hola Browser’s Windows installer, hidden as a Windows service and excluded from Windows
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
June 5, 2026
Russia’s Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
June 5, 2026
Play ransomware posted four US victims in a single day: a food processing manufacturer, a law firm, a religious organization,
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
June 5, 2026
Akira ransomware posted National Standard Parts Associates and Northern Ohio Regional MLS, threatening 53 GB of employee records, contracts, and
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
June 5, 2026
Qilin ransomware posted Avcon Jet, SKUPINA Don Don, and Trican in a three-country sweep targeting private aviation, food retail, and
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
June 5, 2026
TheGentlemen ransomware struck Saudi Arabia, India, Thailand, and Portugal in one day, including a first GCC target, as the group
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
June 5, 2026
WorldLeaks claimed CH Karnchang, Thailand’s major infrastructure builder, and United Auto Supply in a pure data extortion operation with no
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.